package online.inote.dic.api.user;

import java.security.NoSuchAlgorithmException;
import java.util.UUID;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import com.alibaba.fastjson.JSON;

import online.inote.dic.api.base.BaseController;
import online.inote.dic.common.utils.ResultFactory;
import online.inote.dic.common.utils.StringUtils;
import online.inote.dic.model.user.UserEntity;
import online.inote.dic.repository.redis.RedisRepository;
import online.inote.dic.security.annotions.Security;
import online.inote.dic.security.constants.Token;
import online.inote.dic.security.core.TokenManagement;
import online.inote.dic.service.base.BaseService.MultipleResultsHandle;

/**
 * @description: 用户Controller
 * @author XQF.Sui
 * @created 2019年6月15日 下午2:11:22
 * @version 1.0
 */
@RestController
@RequestMapping(value = "user")
public class UserController extends BaseController<UserEntity, String> {

	@Autowired
	private RedisRepository redisRepository;
	
	/**
	 * @description 登录
	 * @author XQF.Sui
	 * @created 2019年6月15日 下午2:22:26
	 * @param user
	 * @return
	 * @throws NoSuchAlgorithmException 
	 */
	@PostMapping(value = "login")
	@Security(isAuthentication = false)
	public String login(@RequestBody UserEntity user) throws NoSuchAlgorithmException {
		
		if (user == null || StringUtils.isBlank(user.getUsername()) || StringUtils.isBlank(user.getPassword())) {
			return ResultFactory.fail("用户名密码必填").toJSON();
		}
		
		UserEntity userEntity = service.selectByPropertyEqualTo(UserEntity.Fields.username, user.getUsername(),
				MultipleResultsHandle.EXCEPTION);
		
		if (userEntity == null) {
			return ResultFactory.fail("用户不存在").toJSON();
		}
		
		if (!userEntity.getEnable()) {
			return ResultFactory.fail("用户已冻结").toJSON();
		}
		
		if (!StringUtils.equals(user.getPassword(), userEntity.getPassword())) {
			return ResultFactory.fail("密码错误").toJSON();
		}
		
		String token = generateToken(userEntity);
		
		userEntity.setToken(token);
		
		return ResultFactory.success(userEntity).toJSON();
	}

	/**
	 * @description 生成Token
	 * @author XQF.Sui
	 * @created 2019年6月15日 下午2:22:21
	 * @param userEntity
	 * @return
	 * @throws NoSuchAlgorithmException 
	 */
	private String generateToken(UserEntity user) throws NoSuchAlgorithmException {
		
		user.setPrivateKey(UUID.randomUUID().toString());	// 设置私有KEY，以免一个账号多地同时登录
		
		redisRepository.set(Token.RedisKey.TOKEN_KEY_PREFIX + user.getUsername(), JSON.toJSONString(user),
				Token.RedisKey.TOKEN_KEY_EXPIRE_SECONDS);
		
		return TokenManagement.generateToken(user);
	}
	
	/**
	 * @description 获取消息(测试方法)
	 * @author XQF.Sui
	 * @created 2019年6月15日 下午4:21:35
	 * @return
	 */
	@GetMapping(value = "getMessage")
	public String getMessage() {
		logger.info("Call the getMessage method.");
		return ResultFactory.success("Call the getMessage method successfully", null).toJSON();
	}
}